there is a vpn between the two zeroshell systems, with NAT enabled for both the vpn and “external” (towards wan) interfaces of the zeroshell systems. All seems to be working normally, ie, I can see one lan from the other, and can access the outside world from both.
The issue I am facing: the accelerators are not working as prescribed by their vendor, who states that these systems won’t link up with each other properly unless static NAT is used. Being relatively illiterate regarding NAT, my questions are then:
1) does zeroshell by default use static or dynamic NAT?
2) if possible, how do I go about setting up static NAT?
1) Static nat means that the public IP address correlates to a private IP address in the internal network. Dynamic usually means that either one public IP is overloaded (PAT) or multiple public IP’s are used in a pool and correlate to various private IPs.
ZS by default uses Dynamic (PAT).
2) You have to change the rules in the iptables, so that your external public IP address equals to the internal private IP of the vpn accelerator. All this would require a post boot script to change the configuration, as there is no such option in the web interface.